ietf-smime
[Top] [All Lists]

Certificate exchange (was: RE: Comment on ESS and Privacy Marks )

1998-02-18 15:30:28
On Wednesday, February 18, 1998 1:18 PM, Rik Drummond
[SMTP:drummond(_at_)onramp(_dot_)net] wrote:
The EDIINT "Secure EDI over Internet WG" is testing our
recommendations 
with 8 vendors. We are exchanging cert. in s/mime pkcs7 format. What
are 
your recommendations in the use of pkcs12 format for cert. exchange?

For simply exchanging certificates, PKCS #12 is a big hammer.
Certs-only PKCS #7 messages are pretty easy to generate and parse,
though they don't offer any integrity or privacy services.  I guess it
depends on the need:  If you have a mechanism for chain validation on
the recipient side, and can qualify the a received certificate as
usable, then certs-only should work fine.

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060


<Prev in Thread] Current Thread [Next in Thread>
  • Certificate exchange (was: RE: Comment on ESS and Privacy Marks ), Blake Ramsdell <=